Skip to main content
SpringerLink
Log in

A Model-Driven Approach for Accountability in Business Processes

  • Conference paper
Enterprise, Business-Process and Information Systems Modeling (BPMDS 2014, EMMSAD 2014)

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 175))

  • 1303 Accesses

Abstract

Accountability provides the necessary assurance to different stakeholders (customers, auditors, regulators) about the correct execution of the obligations concerning compliance requirements. Modeling accountability in a business process is an important problem, as SOA is the generally accepted standard for IT systems. This requires the orchestration of several non-functional concerns across services (such as authentication, authorization, logging, among others) to attest the correct operation of control activities. In this paper, we show how a model-driven framework for non-functional concerns can integrate accountability in business processes. Using the NFComp modeling framework, we define and compose a set of non-functional concerns that securely assert that subjects have fulfilled their responsibilities, towards realizing accountability. The approach allows the reuse of the composed accountability concerns in different processes.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Chollet, S., Lalanda, P.: Security specification at process level. In: IEEE International Conference on Services Computing, SCC 2008, vol. 1, pp. 165–172 (July 2008)

    Google Scholar 

  2. Gunestas, M., Wijesekera, D., Elkhodary, A.: An evidence generation model for web services. In: IEEE International Conference on System of Systems Engineering, SoSE 2009, May 30-June 3, pp. 1–6 (2009)

    Google Scholar 

  3. Gunestas, M., Wijesekera, D., Singhal, A.: Forensic web services. In: Ray, I., Shenoi, S. (eds.) Advances in Digital Forensics IV. IFIP International Federation for Information Processing, vol. 285, pp. 163–176. Springer, Boston (2008)

    Chapter  Google Scholar 

  4. Kremer, S., Markowitch, O., Zhou, J.: An intensive survey of fair non-repudiation protocols. Computer Communications 25(17), 1606–1621 (2002)

    Article  Google Scholar 

  5. Lin, K.J., Panahi, M., Zhang, Y., Zhang, J., Chang, S.H.: Building accountability middleware to support dependable soa. IEEE Internet Computing 13, 16–25 (2009)

    Article  Google Scholar 

  6. Wang, L., Li, Y., Wijesekera, D., Jajodia, S.: Precisely answering multi-dimensional range queries without privacy breaches. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 100–115. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  7. OMG: Business Process Model and Notation (BPMN) 2.0 (January 2011)

    Google Scholar 

  8. Pearson, S., Charlesworth, A.: Accountability as a way forward for privacy protection in the cloud. In: Jaatun, M.G., Zhao, G., Rong, C. (eds.) CloudCom 2009. LNCS, vol. 5931, pp. 131–144. Springer, Heidelberg (2009)

    Google Scholar 

  9. Robinson, P., Cook, N., Shrivastava, S.: Implementing fair non-repudiable interactions with web services. In: EDOC Enterprise Computing Conference, 2005 Ninth IEEE International, pp. 195–206 (September 2005)

    Google Scholar 

  10. Schmeling, B., Charfi, A., Martin, M., Mezini, M.: Towards Conflict-Free Composition of Non-functional Concerns. In: Ralyté, J., Franch, X., Brinkkemper, S., Wrycza, S. (eds.) CAiSE 2012. LNCS, vol. 7328, pp. 80–94. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  11. Schmeling, B., Charfi, A., Mezini, M.: Composing Non-Functional Concerns in Composite Web Services. In: IEEE International Conference on Web Services (ICWS 2011). IEEE Computer Society, Washington DC (2011)

    Google Scholar 

  12. Schmeling, B., Charfi, A., Thome, R., Mezini, M.: Composing Non-Functional Concerns in Web Services. In: The 9th European Conference on Web Services (ECOWS 2011). IEEE Computer Society, Lugano (2011)

    Google Scholar 

  13. Souza, A.R.R., et al.: Incorporating security requirements into service composition: From modelling to execution. In: Baresi, L., Chi, C.-H., Suzuki, J. (eds.) ICSOC-ServiceWave 2009. LNCS, vol. 5900, pp. 373–388. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  14. Tseng, M.M., Su, C.J., Qinhai, M.: Accountability centered approach to business process reengineering. In: HICSS, vol. (4), pp. 345–354 (1998)

    Google Scholar 

  15. Weitzner, D.J., Abelson, H., Berners-Lee, T., Feigenbaum, J., Hendler, J., Sussman, G.J.: Information accountability. Commun. ACM 51, 82–87 (2008)

    Article  Google Scholar 

  16. Yao, J., Chen, S., Wang, C., Levy, D., Zic, J.: Accountability as a service for the cloud. In: IEEE International Conference on Services Computing (SCC) 2010, pp. 81–88 (July 2010)

    Google Scholar 

  17. Zou, J., De Vaney, C., Wang, Y.: A meta-modeling framework to support accountability in business process modeling. In: Yang, J., Ginige, A., Mayr, H.C., Kutsche, R.-D. (eds.) UNISCON 2009. LNBIP, vol. 20, pp. 539–550. Springer, Heidelberg (2009)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. SAP AG, 805 Avenue Maurice Donat, Mougins, France

    Anderson Santana de Oliveira & Gabriel Serme

  2. SAP AG, Bleichstr. 8, Darmstadt, Germany

    Anis Charfi

  3. UBL Informationssysteme, Carl-Ulrich-Strae 4, Neu-Isenburg, Germany

    Benjamin Schmeling

Authors
  1. Anderson Santana de Oliveira
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anis Charfi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Benjamin Schmeling
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Gabriel Serme
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. DSV Stockholm University, Stockholm, Sweden

    Ilia Bider

  2. Public Research Centre Henri Tudor, Luxembourg

    Khaled Gaaloul

  3. Norwegian University of Science and Technology (NTNU), Sem Sælandsvei 7-9, N-7030, Trondheim, Norway

    John Krogstie

  4. Université de Paris 1 Panthéon - Sorbonne, Paris, France

    Selmin Nurcan

  5. Public Research Centre Henri Tudor, Luexemboug

    Henderik A. Proper

  6. Munich University of Applied Sciences, Munich, Germany

    Rainer Schmidt

  7. University of Haifa, Haifa, Israel

    Pnina Soffer

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

de Oliveira, A.S., Charfi, A., Schmeling, B., Serme, G. (2014). A Model-Driven Approach for Accountability in Business Processes. In: Bider, I., et al. Enterprise, Business-Process and Information Systems Modeling. BPMDS EMMSAD 2014 2014. Lecture Notes in Business Information Processing, vol 175. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-43745-2_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-43745-2_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-43744-5

  • Online ISBN: 978-3-662-43745-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation